NIST SP 800-53 control reference

Estimated reading time:
2 minutes

This section serves as a quick-reference for NIST Special Publication (SP)
800-53 Revision 4 security controls that are applicable to the latest release of
Docker Enterprise Edition (EE). For generating your own security documentation
using the machine-readable source content of these control mappings, please
refer to our compliance repository at
https://github.com/docker/compliance.

The controls have been broken out by family and each control’s origin is mapped
to one of the following:

Control Origination

Definition

Example

Service provider corporate

A control that originates from agency’s corporate network

DNS from the corporate network provides address resolution services for the information system and the service offering

Docker EE system

A control specific to Docker EE

Docker EE LDAP configuration

Service provider hybrid

A control that makes use of both corporate controls and additional controls specific to Docker EE

There are scans of the corporate network infrastructure; scans of Docker images via DTR would be included

Configured by customer

A control where the Docker EE end-user’s application needs to apply a configuration in order to meet the control requirement